<?php
	
	# include the shield
	include_once('class.shield.php');
	
	# delcare the shield
	$shield = new shield();
	
	if(isset($_GET['monster']))
	{
?>
This is what has been sent via GET. You can see none of the original data is contained.<br />
<br />
<pre>
<?php
		print_r($_GET);
?>
</pre>
<br />
<br />
However now take a look at GET again after exposing the data. You will also find that the <br />
REQUEST super global has also been modified.<br />
<br />
<pre>
<?php
		# expost the data
		$result = $shield->expose(false, 'monster');
		echo 'RESULT : '.(is_array($result) ? 'OK' : $result).'<br><br>';
		print_r($_GET);
?>
</pre>
<br />
Once the data has been dealt with you can remove it from the super globals to avoid any tampering<br />
<br />
<pre>
<?php
		# expunge the data
		$shield->expunge(true);
		print_r($_GET);
?>
</pre>
<?php
		exit;
	}
?>

This example creates a get string for the form action param.<br />
Check out the source code.<br />
<br />
<?php
	
	# the data to be transmitted
	$data['goto'] = 'Narnia';
	$data['kill'] = 'pixies';

	# protect the data for ten secs. after that the expose function called to expose the encrypted data 
	# fails and returns TIMEOUT
	$str = $shield->protect($data, SHIELD_GET, false,  'monster', false);
	
?>
<form name="shield_test" method="post" action="<?php echo $str; ?>&devil=666">
	<input type="hidden" name="testvalue1" value="abcdefg" />
	<input type="hidden" name="testvalue2" value="hijklmnop" />
	<input type="hidden" name="testvalue3" value="qrstuvwxyz" />
	<input type="submit" id="Submit" name="Submit" value="Sumbit Shielded Data" />
</form>